CVE-2022-3598
published 2022-10-21CVE-2022-3598: LibTIFF 4.4.0 has an out-of-bounds write in extractContigSamplesShifted24bits in tools/tiffcrop.c:3604, allowing attackers to cause a denial-of-service via a…
PriorityP426medium6.5CVSS 3.1
AVNACLPRNUIRSUCNINAH
EPSS
0.94%
56.5th percentile
LibTIFF 4.4.0 has an out-of-bounds write in extractContigSamplesShifted24bits in tools/tiffcrop.c:3604, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit cfbb883b.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | tiff | < tiff 4.4.0-5 (bookworm) | tiff 4.4.0-5 (bookworm) |
| libtiff | libtiff | — | — |
| libtiff | libtiff | 3.9.0 – 4.4.0 | — |
| msrc | cbl2_libtiff_4.4.0-6_on_cbl_mariner_2.0 | — | — |
| msrc | cm1_libtiff_4.4.0-6_on_cbl_mariner_1.0 | — | — |
CVSS provenance
nvdv3.16.5MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
osv6.5MEDIUM
vendor_ubuntu7.7HIGH
vendor_msrc6.5MEDIUM
vendor_debian5.5MEDIUM
vendor_redhat5.5MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
LibTIFF vulnerabilities
vendor_ubuntu·2022-11-08·CVSS 6.5
CVE-2022-2869 [MEDIUM] LibTIFF vulnerabilities
Title: LibTIFF vulnerabilities
Summary: Several security issues were fixed in LibTIFF.
It was discovered that LibTIFF incorrectly handled certain memory operations
when using tiffcrop. An attacker could trick a user into processing a specially
crafted tiff image file and potentially use this issue to cause a denial of
service. This issue only affected Ubuntu 22.10. (CVE-2022-2519, CVE-2022-2520,
CVE-2022-2521, CVE-2022-2953)
It was discovered that LibTIFF did not properly perform bounds checking in
certain operations when using tiffcrop. An attacker could trick a user into
processing a specially crafted tiff image file and potentially use this issue
to allow for information disclosure or to cause the application to crash. This
issue only affected to Ubuntu 18.04 LTS, Ubuntu 20.04 LTS an
Ubuntu
LibTIFF vulnerabilities
vendor_ubuntu·2022-10-27·CVSS 7.7
CVE-2022-3570 [HIGH] LibTIFF vulnerabilities
Title: LibTIFF vulnerabilities
Summary: Several security issues were fixed in LibTIFF.
Chintan Shah discovered that LibTIFF incorrectly handled memory in
certain conditions. An attacker could trick a user into processing a specially
crafted image file and potentially use this issue to allow for information
disclosure or to cause the application to crash. (CVE-2022-3570)
It was discovered that LibTIFF incorrectly handled memory in certain
conditions. An attacker could trick a user into processing a specially
crafted tiff file and potentially use this issue to cause a denial of service.
(CVE-2022-3598)
Instructions: In general, a standard system update will make all the necessary changes.
Microsoft
LibTIFF 4.4.0 has an out-of-bounds write in extractContigSamplesShifted24bits in tools/tiffcrop.c:3604 allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile l
vendor_msrc·2022-10-11·CVSS 6.5
CVE-2022-3598 [MEDIUM] CWE-787 LibTIFF 4.4.0 has an out-of-bounds write in extractContigSamplesShifted24bits in tools/tiffcrop.c:3604 allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile l
LibTIFF 4.4.0 has an out-of-bounds write in extractContigSamplesShifted24bits in tools/tiffcrop.c:3604 allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources the fix is available with commit cfbb883b.
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See this blog post for more information. If i
Red Hat
libtiff: out-of-bounds write in extractContigSamplesShifted24bits in tools/tiffcrop.c
vendor_redhat·2022-06-13·CVSS 5.5
CVE-2022-3598 [MEDIUM] libtiff: out-of-bounds write in extractContigSamplesShifted24bits in tools/tiffcrop.c
libtiff: out-of-bounds write in extractContigSamplesShifted24bits in tools/tiffcrop.c
LibTIFF 4.4.0 has an out-of-bounds write in extractContigSamplesShifted24bits in tools/tiffcrop.c:3604, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit cfbb883b.
An out-of-bounds write flaw was found in the extractContigSamplesShifted24bits function in tools/tiffcrop.c in the libtiff package. By persuading a victim to open a specially-crafted TIFF image file, a remote attacker could cause a denial of service condition.
Package: libtiff (Red Hat Enterprise Linux 6) - Out of support scope
Package: compat-libtiff3 (Red Hat Enterprise Linux 7) - Out of support scope
Package: libtiff (Red Hat Enterprise
Debian
CVE-2022-3598: tiff - LibTIFF 4.4.0 has an out-of-bounds write in extractContigSamplesShifted24bits in...
vendor_debian·2022·CVSS 5.5
CVE-2022-3598 [MEDIUM] CVE-2022-3598: tiff - LibTIFF 4.4.0 has an out-of-bounds write in extractContigSamplesShifted24bits in...
LibTIFF 4.4.0 has an out-of-bounds write in extractContigSamplesShifted24bits in tools/tiffcrop.c:3604, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit cfbb883b.
Scope: local
bookworm: resolved (fixed in 4.4.0-5)
bullseye: resolved (fixed in 4.2.0-1+deb11u3)
forky: resolved (fixed in 4.4.0-5)
sid: resolved (fixed in 4.4.0-5)
trixie: resolved (fixed in 4.4.0-5)
OSV
tiff vulnerabilities
osv·2022-11-08·CVSS 6.5
CVE-2022-2519 [MEDIUM] tiff vulnerabilities
tiff vulnerabilities
It was discovered that LibTIFF incorrectly handled certain memory operations
when using tiffcrop. An attacker could trick a user into processing a specially
crafted tiff image file and potentially use this issue to cause a denial of
service. This issue only affected Ubuntu 22.10. (CVE-2022-2519, CVE-2022-2520,
CVE-2022-2521, CVE-2022-2953)
It was discovered that LibTIFF did not properly perform bounds checking in
certain operations when using tiffcrop. An attacker could trick a user into
processing a specially crafted tiff image file and potentially use this issue
to allow for information disclosure or to cause the application to crash. This
issue only affected to Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS.
(CVE-2022-2867, CVE-2022-2868, CVE-2022-2869)
OSV
tiff vulnerabilities
osv·2022-10-27·CVSS 5.5
CVE-2022-3570 [MEDIUM] tiff vulnerabilities
tiff vulnerabilities
Chintan Shah discovered that LibTIFF incorrectly handled memory in
certain conditions. An attacker could trick a user into processing a specially
crafted image file and potentially use this issue to allow for information
disclosure or to cause the application to crash. (CVE-2022-3570)
It was discovered that LibTIFF incorrectly handled memory in certain
conditions. An attacker could trick a user into processing a specially
crafted tiff file and potentially use this issue to cause a denial of service.
(CVE-2022-3598)
OSV
CVE-2022-3598: LibTIFF 4
osv·2022-10-21·CVSS 6.5
CVE-2022-3598 [MEDIUM] CVE-2022-3598: LibTIFF 4
LibTIFF 4.4.0 has an out-of-bounds write in extractContigSamplesShifted24bits in tools/tiffcrop.c:3604, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit cfbb883b.
GHSA
GHSA-4cf4-hqwp-cpp8: LibTIFF 4
ghsa_unreviewed·2022-10-21
CVE-2022-3598 [MEDIUM] CWE-787 GHSA-4cf4-hqwp-cpp8: LibTIFF 4
LibTIFF 4.4.0 has an out-of-bounds write in extractContigSamplesShifted24bits in tools/tiffcrop.c:3604, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit cfbb883b.
No detection rules found.
No public exploits indexed.
https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3598.jsonhttps://gitlab.com/libtiff/libtiff/-/commit/cfbb883bf6ea7bedcb04177cc4e52d304522fdffhttps://gitlab.com/libtiff/libtiff/-/issues/435https://lists.debian.org/debian-lts-announce/2023/01/msg00018.htmlhttps://security.netapp.com/advisory/ntap-20230110-0001/https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3598.jsonhttps://gitlab.com/libtiff/libtiff/-/commit/cfbb883bf6ea7bedcb04177cc4e52d304522fdffhttps://gitlab.com/libtiff/libtiff/-/issues/435https://lists.debian.org/debian-lts-announce/2023/01/msg00018.htmlhttps://security.netapp.com/advisory/ntap-20230110-0001/
2022-10-21
Published